[Oisf-users] address-group syntax

[Michael Stone]

Is the syntax for address-groups (e.g., HOME_NET) fully described 
anywhere?  There are config file examples that suggest some syntax, but 
there's also a todo note in detect-engine-address.c that suggests that 
certain forms won't work properly (e.g., I think, setting HOME_NET to 
[!10.0.0.0/8] and EXTERNAL_NET to !HOME_NET / ![!10.0.0.0/8] ?) It's 
certainly possible to experiment, but it would be nice to know what is 
supposed to work and what isn't.

Mike Stone